<?php
class LoginAction extends Action{

	public function Index(){
	    $this->display();
	}
	
	public function Login(){
        if(I('code','','md5')!= session('verify')){
          $this->error('验证码错误');
        }
        
        $username=I('username');
        $pwd=md5(I('password'));
        // echo md5("admin");die();
        $user=M('user')->where(array('username'=>$username))->find();
        
        // // echo $pwd;
        // echo $user["password"];
        // die();


        if(!$user || $pwd!=$user["password"]){
          $this->error("账号密码错误");
          
        }
        
        $data=array(
          'id'=>$user['id'],
          'logintime'=>time(),
          'loginip'=>get_client_ip(),
        );
        //p($data);die;
        
        M("user")->save($data);
        
    
        session(C('USER_AUTH_KEY'),$user['id']);
        
        session('username',$username);
        session('logintime',date('Y-m-d H:i',$user['logintime']));
        session('loginip',$user['loginip']);
        //p($_SESSION);die;	
        
        //超级管理员识别
        if($user['username']==C('RBAC_SUPERADMIN')){
           session(C('ADMIN_AUTH_KEY'),true);
        }
        //读取用户权限
        import('ORG.Util.RBAC');
        RBAC::saveAccessList();
        $this->redirect("Admin/Index/Index");
        
	}
	
	public function Verify(){
	
	  import("ORG.Util.Image");
	  ob_end_clean();
	  $verify=C('verify_length');
	  Image::buildImageVerify($verify);
	  
	}
	
	
}